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REMARKS 

Claims 1-40 are pending in the present application, with claims 1, 11, 14, 24, 27 and 37 
being the independent claims. Claims 1,8, 11, 12, 14-26, 27, 35, 37 and 38 are amended. No 
new matter has been added. 

In the Office Action of February 16, 2007, claims 1, 8 and 1 1 are objected to due to 
informalities. Claims 14-23 and 24-26 are rejected under 35 U.S.C. §101 as being directed to 
non-statutory subject matter. Claims 1, 14 and 27 are rejected on the ground of nonstatutory 
obviousness-type double patenting as allegedly unpatentable over claims 1,15 and 29 of 
commonly owned copending U.S. Patent Application 10/693,061. Claims 12, 22, 25, 35 and 38 
are rejected under 35 U.S.C. § 1 12 as being indefinite. Claims 1-40 are rejected under 35 U.S.C. 
§ 102(b) as being anticipated by U.S. Patent No. 5,822,435 issued to Boebert et al. 

The outstanding rejections to the claims are respectfully traversed. 

Claim Objections 

In the Office Action of February 16, 2007, claims 1, 8, and 1 1 are objected to for the 
informality of using "A method for providing. .., comprising:" instead of "A method for 
providing. . ., comprising the steps of:". These claims have been amended to address this 
objection, and accordingly, Applicants respectfully request that this objection be withdrawn. 

Claims 1, 11, 14, 24, 27 and 37 have also been amended for grammatical correctness. 
These claims previously recited, in relevant part, "and an second execution environment". 
Claims 1, 11, 14, 24, 27 and 37 are amended to recite in relevant part "and a second execution 
environment". 

Claim Rejections - 35 U.S.C $101 

In the Office Action of February 16, 2007, claims 14-23 and 24-26 stand rejected under 
35 U.S.C § 101 as being directed to non-statutory subject matter. The Examiner asserts that the 
subject matter of these claims is not eligible for patentability because it does not produce a 
useful, concrete and tangible result upon execution of the instructions. Specifically, the 
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Examiner asserts that "A computer readable medium containing computer executable 
instructions" as recited in these claims may be reasonably interpreted as being not limited to 
computer storage media. Applicants have amended claims 14-23 and 24-26 to recite "A 
computer readable storage medium" where appropriate to clarify the subject matter of the claims. 
Accordingly, reconsideration and withdrawal of the rejection of claims 14-23 and 24-26 is 
respectfully requested. 

Double Patenting Rejection 

Claims 1, 14 and 27 stand rejected over claims 1, 15 and 29 of commonly owned 
copending U.S. Patent Application 10/693,061 based obviousness-type provisional double 
patenting. Applicants submit that claims 1,14 and 27 as amended are patentably distinct from 
claims 1, 15 and 29 of U.S. Patent Application 10/693,061. Specifically, where claims 1, 15 and 
29 in the copending application use a secured execution environment mode to determine the 
transfer of user input, claims 1, 14 and 27 as amended in the present application determine the 
transfer of user input based on the user input itself. Therefore, claims 1,14 and 27 are patentably 
distinct from claims 1, 15 and 29 of U.S. Patent Application 10/693,061. Accordingly, 
reconsideration and withdrawal of the rejection based on obviousness-type provisional double 
patenting is thus respectfully requested. 

Rejections under 35 U.S.C. $112 

Claims 12, 22, 25, 35 and 38 stand rejected under 35 U.S.C. §1 12, second paragraph, as 
being indefinite for failing to particularly point out and distinctly claim the subject matter which 
the Applicant regards as the invention. Specifically, the Examiner asserts that there is 
insufficient antecedent basis for the claim limitation "said output data" because it is not clear 
whether "said output data" refers to the previously recited "said output" or merely to the data 
portion of "said output". These claims are amended to clarify the subject matter disclosed. For 
example, claim 12 now recites "The method of claim 11, where said output contains a data 
portion, and where said step of securely transferring said output to said output device comprises: 
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encrypting said data portion of said output." Claims 22, 25, 35 and 38 have been similarly 
amended. In view of the present amendments, Applicants submit that claims 12, 22, 25, 35 and 
38 now fully comply with 35 U.S.C.§1 12, second paragraph. Accordingly, it is respectfully 
requested that the rejections, under 35 U.S.C.§1 12, second paragraph, of claims 12, 22, 25, 35 
and 38 be reconsidered and withdrawn. 



Rejections under 35 U.S.C. $102 

In the Office Action, claims 1-40 stand rejected under 35 U.S.C. § 102(b) as being 
anticipated by U.S. Patent No. 5,822,435 issued to Boebert et al. (hereinafter referred to as 
"Boebert".) Applicants respectfully traverse this rejection. 

The subject matter of independent claims 1 and 14 includes the features of, in a system 
comprising a secure computing environment and a second computing environment, determining, 
based on the user input, whether user input is intended for the secure computing environment, 
and if not, transferring the input to the second computing environment. To further clarify this 
aspect of the present subject matter, claims 1 and 14 have been amended to recite, in relevant 
part, "determining, based on said user input, whether said user input is intended for said secured 
execution environment". As presently amended, these claims disclose making a determination of 
whether user input is intended for the secure environment based on the user input. This feature is 
neither disclosed nor anticipated by the prior art. 

In the Office Action on page 6, the Examiner asserts that Boebert column 5, line 27 and 
column 6, lines 26-29 disclose determining whether said user input is intended for the secure 
computing environment. The Examiner further asserts Boebert column 5, lines 18-24 and 44-46 
disclose if said user input is not intended for said secured execution environment, transferring 
said user input to said second execution environment. Applicants respectfully disagree. 

Boebert is directed to ensuring secure communication over an unsecured communications 
medium between a user working on an unsecured workstation and a host computer. The 
Examiner asserts that Boebert's user invoking trusted path mode (Boebert column 5, line 27) and 
authenticating the user to the trusted computer or trusted path subsystem (Boebert column 6, 
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lines 26-29) is equivalent to determining whether said user input is intended for the secure 
computing environment. The Examiner further asserts that Boebert's in trusted path mode, 
keyboard manager intercepts keyboard data intended for workstation and the data is then routed 
to cryptographic entity (Boebert column 5, lines 44-46), and in normal mode, logical switches 
are in the UP position , connecting workstation processor directly to keyboard and display and 
thus permits the free transfer of information from keyboard to workstation and from workstation 
to display (Boebert column 5, lines 18-24) is equivalent to if said user input is not intended for 
said secured execution environment, transferring said user input to said second execution 
environment. When read together, these two portions of Boebert clearly demonstrate at least one 
substantial difference between the present subject matter and Boebert. Boebert directs data to 
either a cryptographic entity or directly to the workstation based solely on the "mode" which is 
determined by the settings of logical switches, as mentioned in the portions cited by the 
Examiner. This is different from the subject matter claimed in claims 1 and 14, where the 
determination is made based on the user input. 

This is made more clear by the following excerpt from Boebert, partially cited by the 
Examiner (column 5, lines 27-32): "When the user invokes trusted path mode, however, 
workstation processor 40 is disconnected from keyboard 20 and display 10 by logical switches 
37 and 38, respectively. Keyboard 20 and display 10 are then connected to their respective 
managers in workstation trusted path subsystem 30." Thus, as should be appreciated, Boebert 
essentially uses logical switches to determine the destination of data, not the user input. All data 
is treated the same way depending on the mode. Furthermore, the setting of the logical switches 
is not determined by the user input. The treatment of data does not depend on the data itself. 
Therefore, Boebert does not disclose determining whether input is intended for a secure 
computing environment based on the input, as claimed in amended claims 1 and 14. 

Applicants submit that Boebert does not disclose or anticipate all the elements of claims 1 
and 14 or claims depending therefrom, including claims 2-10 and 15-23. Accordingly, 
Applicants respectfully request reconsideration and withdrawal of the § 102(b) rejection of claims 
1-10 and 14-23. 
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In the Office Action, claim 27 is rejected on a similar basis as claims 1 and 14. 
Specifically, the Examiner asserts that Boebert column 6, lines 26-29 and column 5 line 27 
discloses a trusted input manager for determining whether said user input is intended for said 
secured execution environment, and that Boebert column 5 lines 1 8-24 and 44-46 disclose if said 
user input is not intended for said secured execution environment, transferring said user input to 
said second execution environment. Applicants respectfully disagree. Claim 27 is amended to 
clarify the subject matter disclosed therein by adding the phrase "based on said user input" to the 
appropriate portion of the claim. 

Boebert, as discussed above, discloses a directing data to either a cryptographic entity or 
directly to the workstation based solely on the "mode" which is determined by the settings of 
logical switches, as mentioned in the portions cited by the Examiner and the excerpt from 
Boebert given above. Boebert' s use of logical switches to determine the destination of data is 
not dependent on the user input. Therefore, Boebert does not disclose or anticipate determining 
whether input is intended for a secure computing environment based on the input, as claimed in 
amended claim 27. 

Applicants submit that Boebert does not disclose or anticipate all the elements of claim 
27 or claims depending therefrom, including claims 28-36. Accordingly, Applicants respectfully 
request reconsideration and withdrawal of the § 102(b) rejection of claims 27-36. 

The subject matter of independent claims 1 1, 24 and 37 includes the feature of accepting 
output from a specific source entity in a secured execution environment and securely transferring 
the output to an output device. As claimed, the output accepted originates from a source entity 
within a secured execution environment. This output is then securely transferred to an output 
device. This feature is neither disclosed or anticipated in the prior art. 

In the Office Action, the Examiner asserts that Boebert discloses accepting output from a 
specific source entity in said execution environment. Applicants respectfully disagree. As stated 
above, Boebert is directed to ensuring secure communication over an unsecured communications 
medium between a user working on an unsecured workstation and a host computer. The cited 
text of Boebert for this portion of the rejection (column 8, lines 45-50) discloses video data 
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transmitted from a workstation to a video manager, which, if the system is in normal mode, 
transfers the data directly to a display. If Boebert's system is in trusted path mode, the video 
manager generates data which it overlays onto the video data. In Boebert, the video manager 
acts as an intermediary, affecting or not affecting data between two devices based on the mode. 
The treatment of data on the path between the devices is secured or unsecured, depending on the 
mode. The devices themselves are not secured or unsecured; they are the same regardless of the 
mode. This is unlike the present subject matter, where output is accepted from a specific source 
entity within a secured execution environment. The source entity, by its nature and location 
within the secured execution environment, is a secured source entity. Thus, output from the 
source entity is securely transferred to an output device. The treatment of the output does not 
depend on a "mode" or other intermediary device determinations, as is disclosed in Boebert. 
Therefore, Boebert does not disclose or anticipate accepting output from a specific source entity 
in a secured execution environment and securely transferring the output to an output device. 

Applicants submit that Boebert does not disclose or anticipate all the elements of claims 
1 1, 24 and 37 or claims depending therefrom, including claims 12-13, 25-26 and 38-40. 
Accordingly, Applicants respectfully request reconsideration and withdrawal of the § 102(b) 
rejection of claims 11-13, 24-26 and 37-40. 
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CONCLUSION 

In view of the foregoing, Applicants respectfully submit that this application is in 
condition for allowance. Favorable consideration and prompt allowance are earnestly solicited. 

Should the Examiner believe that anything further would be desirable in order to place 
this application in even better condition for allowance, the Examiner is invited to contact 
Applicant's undersigned representative at the telephone number listed below. 



Respectfully submitted, 



Date: May 15, 2007 /Aaron F. Bourgeois/ 

Aaron F. Bourgeois 
Registration No. 57,936 

Woodcock Washburn LLP 
Cira Centre 

2929 Arch Street, 12th Floor 
Philadelphia, PA 19104-2891 
Telephone: (215)568-3100 
Facsimile: (215) 568-3439 
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